diff --git a/app/controllers/request_for_comments_controller.rb b/app/controllers/request_for_comments_controller.rb
index 196fcf01..9b55c9e3 100644
--- a/app/controllers/request_for_comments_controller.rb
+++ b/app/controllers/request_for_comments_controller.rb
@@ -2,7 +2,7 @@ class RequestForCommentsController < ApplicationController
 include SubmissionScoring
 before_action :set_request_for_comment, only: [:show, :edit, :update, :destroy, :mark_as_solved, :set_thank_you_note]
- skip_after_action :verify_authorized
+ before_action :require_user!
 def authorize!
 authorize(@request_for_comments || @request_for_comment)
@@ -26,11 +26,12 @@ class RequestForCommentsController < ApplicationController
 def get_my_comment_requests
 @search = RequestForComment
 .with_last_activity
- .where(user_id: current_user.id)
+ .where(user_id: current_user&.id)
 .ransack(params[:q])
 @request_for_comments = @search.result
 .order('created_at DESC')
 .paginate(page: params[:page])
+ authorize!
 render 'index'
 end
@@ -44,6 +45,7 @@ class RequestForCommentsController < ApplicationController
 @request_for_comments = @search.result
 .order('last_comment DESC')
 .paginate(page: params[:page])
+ authorize!
 render 'index'
 end
@@ -83,10 +85,6 @@ class RequestForCommentsController < ApplicationController
 authorize!
 end
- # GET /request_for_comments/1/edit
- def edit
- end
-
 # POST /request_for_comments.json
 def create
 # Consider all requests as JSON
@@ -111,17 +109,6 @@ class RequestForCommentsController < ApplicationController
 authorize!
 end
- # DELETE /request_for_comments/1
- # DELETE /request_for_comments/1.json
- def destroy
- @request_for_comment.destroy
- respond_to do |format|
- format.html { redirect_to request_for_comments_url, notice: 'Request for comment was successfully destroyed.' }
- format.json { head :no_content }
- end
- authorize!
- end
-
 private
 # Use callbacks to share common setup or constraints between actions.
 def set_request_for_comment
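Review bot: With `skip_after_action :verify_authorized` removed in the first hunk, the authorization check runs as an after-action, so it only reports a missing `authorize!` once the action body has already executed. The context at old lines 83 and 111 shows `authorize!` as the last statement of two actions whose bodies lie outside these hunks; if either writes to the database, the call should move to directly after the record is loaded or built so that a denied request has no side effects. The `only:` list of `set_request_for_comment` also still names `:edit` and `:destroy`, which this commit deletes, and could be trimmed to `only: [:show, :update, :mark_as_solved, :set_thank_you_note]`. `require_user!` is defined outside this diff, so its behaviour for anonymous requests cannot be confirmed from here.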
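Review bot: `current_user&.id` in `get_my_comment_requests` turns a missing user into `where(user_id: nil)`, which ActiveRecord renders as `user_id IS NULL`, so the query would list ownerless requests instead of failing. The new `before_action :require_user!` is presumably meant to guarantee a signed-in user, which makes the plain `.where(user_id: current_user.id)` the safer form because a nil user then raises rather than matching rows. The `authorize!` added here and in the hunk at old line 44 passes a relation, so the policy needs a predicate for each of these action names, and the check does not limit which rows are returned. A comment such as `# authorize! checks the action only; where(user_id:) is what restricts the rows` would make that explicit.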
diff --git a/config/routes.rb b/config/routes.rb
index 9c9584d8..df1a8b5b 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -14,7 +14,7 @@ Rails.application.routes.draw do
 end
 end
 resources :codeharbor_links, only: %i[new create edit update destroy]
- resources :request_for_comments do
+ resources :request_for_comments, except: %i[edit destroy] do
 member do
 get :mark_as_solved, defaults: { format: :json }
 post :set_thank_you_note, defaults: { format: :json }
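Review bot: `get :mark_as_solved` in the member block stays reachable over GET, and Rails' CSRF token verification does not apply to GET requests. The action body is not in this diff, but if it changes the record as its name suggests, a cross-site request could trigger it for a signed-in user. Consider routing it as `patch :mark_as_solved, defaults: { format: :json }` and updating the client call to match. The member block continues past the end of the hunk.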